VYPR

rpm package

suse/git&distro=SUSE Linux Enterprise Software Development Kit 12 SP1

pkg:rpm/suse/git&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1

Vulnerabilities (4)

  • CVE-2017-8386HigJun 1, 2017
    affected < 2.12.3-26.1fixed 2.12.3-26.1

    git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name

  • CVE-2015-7545CriApr 13, 2016
    affected < 1.8.5.6-15.1fixed 1.8.5.6-15.1

    The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in

  • CVE-2016-2324CriApr 8, 2016
    affected < 1.8.5.6-18.1fixed 1.8.5.6-18.1

    Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.

  • CVE-2016-2315CriApr 8, 2016
    affected < 1.8.5.6-18.1fixed 1.8.5.6-18.1

    revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.